huxy-server 1.0.2 → 1.0.3

package/README.md

@@ -52,8 +52,6 @@ startApp(config, (huxyConfig, app, httpServer) => {
 });
 ```
 
-`authToken` 默认值 '1234'，如不需要鉴权可以设置环境变量 `AUTH_TOKEN=false` 或设置 `config = {authToken: false}`。
-
 ### 直接使用 `appProxy`
 
 也可直接使用 `appProxy`，只需传入你的服务 `app` 和代理 `config` 即可。
@@ -65,6 +63,35 @@ appProxy(app, config);
 
 ```
 
+### API 鉴权配置
+
+包含 2 种鉴权方式：
+
+- apiKey：在请求头中 `x-api-key`或`x-huxy-auth` 里设置 `authToken` 值。
+- jwt：在请求头中 `authorization` 里设置 `Bearer ${token}` 进行用户验证。
+
+默认不需要鉴权 `authToken: false` ，设置环境变量 `AUTH_TOKEN=false` 或 `config = {authToken: false}` 即可。如需鉴权选择上述 2 种方式中的一种即可，优先进行 `authToken` 认证。
+
+可配置免认证路由，如：`whitePathList: ['/health', '/status']` 。
+
+也可配置免认证 `authKeys` ：如：`whiteAuthKeys: ['1234', '2234']` 。
+
+配置示例：
+
+```javascript
+const config = {
+  // apiKey
+  authToken: '1234',
+  // jwt
+  secret: 'your-secret-key',
+  expiresIn: '30d',
+  issuer: 'your-app',
+  // white list
+  whiteAuthKeys: ['1234', '2234'],
+  whitePathList: ['/health', '/status'],
+};
+```
+
 ### 环境变量
 
 项目支持以下环境变量：

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "huxy-server",
-  "version": "1.0.2",
+  "version": "1.0.3",
   "description": "一个精炼、高性能的 Express.js 服务器模板，为现代 Node.js 应用程序设计，提供灵活的功能和最佳实践。",
   "type": "module",
   "module": "./src/index.js",
@@ -36,7 +36,7 @@
   },
   "dependencies": {
     "http-proxy-middleware": "^3.0.5",
-    "huxy-node-server": "^1.0.0",
+    "huxy-node-server": "^1.0.1",
     "jsonwebtoken": "^9.0.3"
   },
   "engines": {

package/src/index.js

@@ -5,54 +5,54 @@ import {
   createLogger as ee,
   dateTime as te,
   localIPs as re,
-  nodeArgs as oe,
-  getEnvConfig as se,
+  nodeArgs as se,
+  getEnvConfig as oe,
   checkPort as ae,
   getDirName as ne,
   resolvePath as ie,
 } from 'huxy-node-server';
 import {createProxyMiddleware as I} from 'http-proxy-middleware';
 import {dateTime as $} from 'huxy-node-server';
-import j from 'jsonwebtoken';
-var f = (r, e = {secret, ...opt}) => j.verify(r, secret, opt);
+import T from 'jsonwebtoken';
+var f = (r, e = {secret, ...opt}) => T.verify(r, secret, opt);
 var x =
   (r = {}) =>
-  (e, t, o) => {
-    let n = e.headers.authorization;
-    if (!n) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'), t.status(401).json({message: '\u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'}));
-    if (!n.startsWith('Bearer '))
+  (e, t, s) => {
+    let o = e.headers.authorization;
+    if (!o) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'), t.status(401).json({message: '\u7F3A\u5C11\u8BA4\u8BC1\u4FE1\u606F'}));
+    if (!o.startsWith('Bearer '))
       return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u672A\u63D0\u4F9B\u6709\u6548\u8BA4\u8BC1\u4FE1\u606F'), t.status(401).json({message: '\u672A\u63D0\u4F9B\u6709\u6548\u8BA4\u8BC1\u4FE1\u606F'}));
-    let a = n.split(' ')[1];
-    if (!a) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'), t.status(401).json({message: '\u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'}));
+    let n = o.split(' ')[1];
+    if (!n) return (e.log.warn('\u8BA4\u8BC1\u5931\u8D25: \u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'), t.status(401).json({message: '\u8BBF\u95EE\u4EE4\u724C\u7F3A\u5931'}));
     try {
-      let s = f(a, r);
-      (e.log.info(s, '\u8BA4\u8BC1\u6210\u529F'), (e.user = s), o());
-    } catch (s) {
-      return s.name === 'TokenExpiredError'
+      let a = f(n, r);
+      (e.log.info(a, '\u8BA4\u8BC1\u6210\u529F'), (e.user = a), s());
+    } catch (a) {
+      return a.name === 'TokenExpiredError'
         ? (e.log.warn({ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u4EE4\u724C\u5DF2\u8FC7\u671F'), t.status(401).json({message: '\u4EE4\u724C\u5DF2\u8FC7\u671F'}))
-        : s.name === 'JsonWebTokenError'
+        : a.name === 'JsonWebTokenError'
           ? (e.log.warn({ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u65E0\u6548\u7684\u4EE4\u724C'), t.status(403).json({message: '\u65E0\u6548\u7684\u4EE4\u724C'}))
-          : s instanceof AuthorizationError
-            ? (e.log.warn({ip: e.ip}, `\u8BA4\u8BC1\u5931\u8D25: ${s.message}`), t.status(s.status).json({message: s.message}))
-            : (e.log.warn({err: s, ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'), t.status(500).json({message: '\u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'}));
+          : a instanceof AuthorizationError
+            ? (e.log.warn({ip: e.ip}, `\u8BA4\u8BC1\u5931\u8D25: ${a.message}`), t.status(a.status).json({message: a.message}))
+            : (e.log.warn({err: a, ip: e.ip}, '\u8BA4\u8BC1\u5931\u8D25: \u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'), t.status(500).json({message: '\u5185\u90E8\u670D\u52A1\u5668\u9519\u8BEF'}));
     }
   };
 var v =
     ({whiteAuthKeys: r = [], whiteAuthPaths: e = [], config: t = {}}) =>
-    (o, n, a) => {
-      if (o.method === 'OPTIONS' || e.includes(o.path)) return a();
-      let {authToken: s} = t;
-      if (s === !1 || s === 'false') return a();
-      let i = o.headers['x-huxy-auth'] || o.headers['x-api-key'];
-      if ((i && i === s) || r.includes(i)) return a();
+    (s, o, n) => {
+      if (s.method === 'OPTIONS' || e.includes(s.path)) return n();
+      let {authToken: a} = t;
+      if (a === !1 || a === 'false') return n();
+      let i = s.headers['x-huxy-auth'] || s.headers['x-api-key'];
+      if ((i && i === a) || r.includes(i)) return n();
       let {secret: c, expiresIn: l, algorithm: p, issuer: h} = t;
-      x({secret: c, expiresIn: l, algorithm: p, issuer: h})(o, n, a);
+      x({secret: c, expiresIn: l, algorithm: p, issuer: h})(s, o, n);
     },
   y = v;
 var H = ['x-powered-by', 'server'],
   w = (r, e) => {
     let t = new Headers(r);
-    return (headersToRemove.forEach(o => t.delete(o)), t.set('Host', e), t.set('User-Agent', 'IHUXY-API/1.0'), t);
+    return (headersToRemove.forEach(s => t.delete(s)), t.set('Host', e), t.set('User-Agent', 'IHUXY-API/1.0'), t);
   },
   g = r => {
     let e = new Headers(r);
@@ -69,37 +69,40 @@ var R = r => Object.prototype.toString.call(r).slice(8, -1).toLowerCase(),
   A = (r, e) => E(r).map(t => ((t.prefix = `${e}${t.prefix ?? `/${t.name}`}`.replace('//', '/')), t)),
   u = r => (Array.isArray(r) ? r : []).filter(Boolean),
   P = (r, e) => ['/', '/health', e, ...u(r)].map(t => `${e}${t}`.replace('//', '/'));
-var S = ({target: r = 'http://localhost:11434', prefix: e = '/api', ...t} = {}, o = !1) => ({
+var S = ({target: r = 'http://localhost:11434', prefix: e = '/api', ...t} = {}, s = !1) => ({
     target: r,
     pathRewrite: {[`^${e}`]: ''},
     changeOrigin: !0,
     selfHandleResponse: !1,
-    onProxyReq: (n, a, s) => {
-      !o && w(n.headers, r);
+    onProxyReq: (o, n, a) => {
+      !s && w(o.headers, r);
     },
-    onProxyRes: (n, a, s) => {
-      !o && g(n.headers);
+    onProxyRes: (o, n, a) => {
+      !s && g(o.headers);
     },
-    onError: (n, a, s) => {
-      (a.log.error({err: n}, '\u4EE3\u7406\u9519\u8BEF'), s.headersSent || s.status(502).json({error: '\u7F51\u5173\u9519\u8BEF'}));
+    onError: (o, n, a) => {
+      (n.log.error({err: o}, '\u4EE3\u7406\u9519\u8BEF'), a.headersSent || a.status(502).json({error: '\u7F51\u5173\u9519\u8BEF'}));
     },
     ...t,
   }),
   k = (r, e) => {
-    let t = {status: 'OK', message: `API \u670D\u52A1\u5668\u8FD0\u884C\u4E2D -> ${e}`, timestamp: $(), uptime: process.uptime(), memoryUsage: process.memoryUsage()};
-    r.get(`${e}/health`.replace('//', '/'), (o, n) => {
-      n.status(200).json(t);
-    });
+    let t = {status: 'OK', message: `API \u670D\u52A1\u5668\u8FD0\u884C\u4E2D \u{1F449} ${e}`, timestamp: $(), uptime: process.uptime(), memoryUsage: process.memoryUsage()};
+    (r.get(e, (s, o) => {
+      o.status(200).json(t);
+    }),
+      r.get(`${e}/health`.replace('//', '/'), (s, o) => {
+        o.status(200).json(t);
+      }));
   },
   C = (r, e = {}, t) => {
-    let {apiPrefix: o, proxys: n = [], whiteAuthKeys: a = [], whitePathList: s = [], preserve: i = !1} = e,
-      c = A(n, o);
+    let {apiPrefix: s, proxys: o = [], whiteAuthKeys: n = [], whitePathList: a = [], preserve: i = !1} = e,
+      c = A(o, s);
     if (!c.length) return;
-    (t.info(`\u{1F4DD} API \u63A5\u53E3\u5730\u5740: http://${e.host}:${e.port}${o}`), k(r, o));
-    let l = y({whiteAuthKeys: u(a), whitePathList: P(s, o), config: e});
+    (t.info(`\u{1F4DD} API \u63A5\u53E3\u5730\u5740: http://${e.host}:${e.port}${s}`), k(r, s));
+    let l = y({whiteAuthKeys: u(n), whitePathList: P(a, s), config: e});
     c.map(({prefix: p, target: h}) => {
-      let T = S({prefix: p, target: h}, i);
-      (r.use(p, l, I(T)), t.info(`\u2705 \u4EE3\u7406\u4E2D ${p} -> ${h}`));
+      let j = S({prefix: p, target: h}, i);
+      (r.use(p, l, I(j)), t.info(`\u2705 \u4EE3\u7406\u4E2D ${p} \u{1F449} ${h}`));
     });
   },
   d = C;
@@ -107,7 +110,7 @@ var O = {
     port: parseInt(process.env.PORT || '8080', 10),
     host: process.env.HOST || 'localhost',
     apiPrefix: process.env.API_PREFIX || '/api',
-    authToken: '1234',
+    authToken: !1,
     proxys: [],
     whitePathList: ['/health'],
     algorithm: 'HS256',
@@ -117,13 +120,13 @@ var O = {
   },
   m = O;
 var M = (r, e) =>
-    W({...m, ...r}, async (t, o, n, a) => {
-      (await e?.(t, o, n, a), d(o, t, a));
+    W({...m, ...r}, async (t, s, o, n) => {
+      (await e?.(t, s, o, n), d(s, t, n));
     }),
   he = M,
   le = (r, e) =>
-    L({...m, ...r}, async (t, o, n, a) => {
-      (await e?.(t, o, n, a), d(o, t, a));
+    L({...m, ...r}, async (t, s, o, n) => {
+      (await e?.(t, s, o, n), d(s, t, n));
     });
 export {
   d as appProxy,
@@ -132,10 +135,10 @@ export {
   te as dateTime,
   he as default,
   ne as getDirName,
-  se as getEnvConfig,
+  oe as getEnvConfig,
   re as localIPs,
   q as logger,
-  oe as nodeArgs,
+  se as nodeArgs,
   ie as resolvePath,
   M as startApp,
   W as startServer,